The present invention relates to circuits and methods for uniquely identifying an integrated circuit, and more specifically, circuits and methods for giving integrated circuits a unique fingerprint that cannot be duplicated.
Implementing secure applications in certain devices requires that the devices be uniquely identified, and that cannot be cloned. Examples of such devices include software-defined radios, cellular handsets, military radios, etc. For example, a military radio may have to be selectively disabled if the radio was captured or stolen. Additionally, it is desirable to prevent a lost or stolen handset or radio from being reconfigured to clone an existing handset radio.
A programmable integrated circuit typically consists of a core array of programmable logic elements, each of which may have one or more inputs and outputs that can be programmed to output a Boolean function of one or more of the inputs. The inputs and outputs of these logic elements can be connected to each other using programmable routing connections. Typically, the programmable logic elements and programmable routing connections are controlled by configuration elements—such as volatile or non-volatile configuration bits. Volatile configuration elements are typically loaded by an external bit-stream that is presented to the device during the configuration time following a power-on-reset event or a reconfiguration signal event. For secure applications, this bit stream is often in encrypted form and then decrypted by a decryption unit inside the integrated circuit, such as an Advanced Encryption Standard (AES) encryption/decryption engine.
Designs implemented in programmable devices have the disadvantage of being cloneable. That is, an application using one programmable device can be configured to act identically to an application programmed into another programmable device. This is particularly undesirable when the IC needs to be uniquely identified.
Some solutions are based on non-volatile fuses in the IC that can be programmed with a unique ID. However, even if the ID were programmed at the factory, devices prior to the fuse programming are susceptible to theft. Such un-programmed devices could later be programmed to clone a programmable device by reading the unique ID and then programming the fuses in the clone device. In addition, the security cost for protecting the world-wide manufacturing process in such a scenario is incompatible with a desire for low-cost devices.
It is in this context that embodiments of the invention arise.